«

Hi,

I'm using jakarta commons httpclient v3.0 and I'm trying to emulate
what I would do using a browser, like logging on to a web application
and then doing an action which requires me to be logged on.

HttpMethod method = null;
int returnCode = 0;
String response = null;
method = new GetMethod(".../login?username=mike&password=test");
returnCode = client.executeMethod(method);
response = getStringFromInputStream(method.getResponseBodyAsS tream());
// the response is the "admin" page, I'm logged on!

method = new GetMethod(".../action?parameter=value");
returnCode = client.executeMethod(method);
response = getStringFromInputStream(method.getResponseBodyAsS tream());
// the reponse is the login scren, I'm not authenticated

Can someone give me a hint on how I can acheve that?

Thanks,

Mike.

Michael Fortin wrote:

> I'm using jakarta commons httpclient v3.0 and I'm trying to emulate
> what I would do using a browser, like logging on to a web application
> and then doing an action which requires me to be logged on.
>
> HttpMethod method = null;
> int returnCode = 0;
> String response = null;
> method = new GetMethod(".../login?username=mike&password=test");
> returnCode = client.executeMethod(method);
> response = getStringFromInputStream(method.getResponseBodyAsS tream());
> // the response is the "admin" page, I'm logged on!
>
> method = new GetMethod(".../action?parameter=value");
> returnCode = client.executeMethod(method);
> response = getStringFromInputStream(method.getResponseBodyAsS tream());
> // the reponse is the login scren, I'm not authenticated
>
> Can someone give me a hint on how I can acheve that?

The web application will use some strategy to associate different
requests together into the same session. The most common strategy is to
send a cookie in the response that it expects to see in future requests
that belong to the same session. Another possibility is that it will
expect to see some form of session ID as a query parameter; in this case
the parameter would be encoded into the URLs of all the hyperlink
targets on each page it delivers. These are not the only possibilities,
but chances are excellent that your web application is using one of
them. Figure out which one, and comply with it.


John Bollinger